MCPcopy
hub / github.com/dgraph-io/dgraph / LoadClientTLSConfigForInternalPort

Function LoadClientTLSConfigForInternalPort

x/tls_helper.go:90–109  ·  view source on GitHub ↗

LoadClientTLSConfigForInternalPort loads tls config for connecting to internal ports of cluster

(v *viper.Viper)

Source from the content-addressed store, hash-verified

88
89// LoadClientTLSConfigForInternalPort loads tls config for connecting to internal ports of cluster
90func LoadClientTLSConfigForInternalPort(v *viper.Viper) (*tls.Config, error) {
91 tlsFlag := z.NewSuperFlag(v.GetString("tls")).MergeAndCheckDefault(TLSDefaults)
92
93 if !tlsFlag.GetBool("internal-port") {
94 return nil, nil
95 }
96 if tlsFlag.GetPath("client-cert") == "" || tlsFlag.GetPath("client-key") == "" {
97 return nil, errors.Errorf(`Inter-node TLS is enabled but client certs are not provided. ` +
98 `Inter-node TLS is always client authenticated. Please provide --tls ` +
99 `"client-cert=...; client-key=...;"`)
100 }
101
102 conf := &TLSHelperConfig{}
103 conf.UseSystemCACerts = tlsFlag.GetBool("use-system-ca")
104 conf.RootCACert = tlsFlag.GetPath("ca-cert")
105 conf.CertRequired = true
106 conf.Cert = tlsFlag.GetPath("client-cert")
107 conf.Key = tlsFlag.GetPath("client-key")
108 return GenerateClientTLSConfig(conf)
109}
110
111// LoadServerTLSConfigForInternalPort loads the TLS config for the internal ports of the cluster
112func LoadServerTLSConfigForInternalPort(v *viper.Viper) (*tls.Config, error) {

Callers 5

runFunction · 0.92
newLoaderFunction · 0.92
RunBulkLoaderFunction · 0.92
runFunction · 0.92
runRestoreCmdFunction · 0.92

Calls 2

GenerateClientTLSConfigFunction · 0.85
ErrorfMethod · 0.45

Tested by

no test coverage detected